Clubhouse Data of 1.3 Million Users Reportedly Being Sold Online, Company Refutes Claims of Breach

Social

Clubhouse is the latest social media platform to have been subjected to mass data scraping, as data of over 1.3 million users are now reportedly being sold online. This comes after LinkedIn saw a similar data leak of over two-third of its subscribers and Facebook seeing over 533 million users’ personal data being sold online. In the case of Clubhouse, personal details like user ID, name, photo URL, username, Twitter handle have reportedly been scraped. Clubhouse says that the platform hasn’t been hacked or breached, but the dataset sold online is all information that is available to the public and can be accessed via the app.

CyberNews reports of this new mass dataset being scraped from Clubhouse, leading to exposure of 1.3 million users’ personal details. The report suggests that these details, in the hand of bad actors, could lead to targeted phishing, social engineering attacks, or even identity theft. The details that have been scraped from Clubhouse include User ID, name, photo URL, username, Twitter handle, Instagram handle, number of followers, number of people followed by the user, account creation date, and invited by user profile name. While the dataset does not include deeply sensitive data like credit card details or legal documents, social media details can be enough for a competent cybercriminal to cause real damage.

Clubhouse, meanwhile, refutes all claims of being breached or hacked, calling the report “misleading and false”. It says on Twitter, “The data referred to is all public profile information from our app, which anyone can access via the app or our API.” Clubhouse users are advised to change their password and use a good password manager to create unique passwords and store them securely. Ensure that you are cautious while opening messages on Clubhouse and accepting connection requests from strangers. Also, enable two-factor authentication (2FA) on all online platforms, wherever available, and share only necessary data on public social media accounts.

LinkedIn was also a victim of a massive data breach last week, wherein data of over 500 million of its users has been scraped from the platform and posted online for sale. The dataset includes sensitive information like email addresses, phone numbers, workplace information, full names, account IDs, links to their social media accounts, and gender details. Facebook also faced a similar leak in which data of over 500 million users was leaked.


What is the best phone under Rs. 15,000 in India right now? We discussed this on Orbital, the Gadgets 360 podcast. Later (starting at 27:54), we speak to OK Computer creators Neil Pagedar and Pooja Shetty. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.